Nations Demand Online Privacy

21st Apr 10:07

Saying they've grown increasingly impatient with online companies that pay too little heed to national privacy laws and expectations, data protection commissioners from 10 countries on Tuesday launched what they promised would be an ongoing effort to match worldwide enforcement with the growing global market in social network information.

"We've seen this happening a couple of times now and we want to say, 'No, this can't go on the way it has," said Jennifer Stoddart, Canada's privacy commissioner.

The group fired its first shot at Google, asking the company to explain what is widely considered to be its flawed launch of the social networking tool, Buzz, and answer how it intends to more closely hew to privacy expectations in the future.

The commissioners, representing Canada, France, Germany, Ireland, Israel, Italy, Netherlands, New Zealand, Spain and the United Kingdom, chided Google for failing to understand the privacy implications of automatically signing up users for Buzz and exposing some of their Gmail contacts to other users without clearly explaining what was happening.

Unacceptable Behavior

"It is unacceptable to roll out a product that unilaterally renders personal information public, with the intention of repairing problems later as they arise," the commissioners wrote. "Privacy cannot be sidelined in the rush to introduce new technologies to online audiences around the world."

In response, Google issued a statement saying the company tries to be upfront about the information it collects and how it is used, and to give users tools to take control of that information, but it had no specific comment on the privacy commissioners' action.

"We have discussed all these issues publicly many times before and have nothing to add to today's letter -- instead we are focused on launching our new transparency tool which we are very excited about," the statement reads.

The transparency tool shows requests by governments around the world to remove information from Google, or to provide information about users.

Lesson Learned

That some of the same governments that have recently enacted strict new laws that will give media companies greater control over the Internet are the same ones complaining about Google violating users' rights is somewhat ironic, said privacy expert Lauren Weinstein of Vortex Technology.

It's clear that Google's Buzz launch was flawed and had serious privacy implications, Weinstein said, but the company almost certainly caused the problem inadvertently -- not to intentionally flout privacy laws, as some commissioners suggested Tuesday.

The company also moved quickly to repair the damage, he said, and it's highly probable it has learned its lesson.

"I'd dare say that in the future, a situation like this is unlikely to recur," remarked Weinstein. "What's troublesome to me about the overall story line here is that there's a lot of people who just don't want to let go of this."

'Last Warning'

Some world governments are anxious about Google's ability to enable unprecedented interaction and access to information, in Weinstein's view, and it's questionable why they would raise privacy issues about services such as Google's Street View program when many of those same governments are making use of widespread closed-circuit surveillance systems.

However, what the commissioners want is what users want -- for companies such as Google and Facebook to give them the ability to control how information they put on the Internet is used, Stoddard said.

The commissioners asked that Google, as a leader in the online community, enact broad standards to enhance privacy controls, including collecting as little information as possible, making it clear how the information will be used, making it easy to adjust privacy settings -- and having them default to privacy.

"In all of our countries, personal information is personal information," she said. "You can't just deem it to be public."

And if Internet companies don't listen?

"This time, we choose to send what you may term a 'last warning' to the online community," said Jacob Kohnstamm, chairman of the Dutch data protection agency, "but we won't hesitate to act."